Information processing device and information processing method

ABSTRACT

There is provided an information processing device to grasp timing of a process by a protection storage unit and to effectively utilize the timing, the information processing device including a data obtaining unit that, on the basis of a notification from a protection storage unit, obtains data related to timing of a process by the protection storage unit, and a control unit that associates the data related to the timing of the process with data related to the process.

TECHNICAL FIELD

The present disclosure relates to an information processing device andan information processing method.

BACKGROUND ART

Among mobile phone terminals including smartphones, terminals have beendeveloped that have a short-range (proximity) wireless communicationfunction by including a non-contact integrated circuit (IC) tag, a radiofrequency identification (RFID) tag, or the like and are capable ofperforming wireless communication with a reader-writer in a proximity ofabout, for example, several centimeters. For example, a secure elementincluded in the non-contact IC tag performs an arbitrary process alongwith short-range wireless communication, and thus the mobile phoneterminal can implement a transportation ticket function, an electronicmoney function, a credit card function, and an individual authenticationcard function.

Furthermore, techniques for effectively utilizing data used inprocessing of these various functions have been also developed. Forexample, Patent Document 1 below discloses a technique to associatehistory data of a price settlement process and data input separately bya user in a case where the price settlement process is performed throughthe short-range wireless communication, so as to effectively utilize thedata.

CITATION LIST Patent Document

-   Patent Document 1: Japanese Patent Application Laid-Open No.    2008-141400

SUMMARY OF THE INVENTION Problems to be Solved by the Invention

However, depending on the technique or the like described in PatentDocument 1, the mobile phone terminal cannot grasp and effectivelyutilize timing of a process by the secure element (protection storageunit). More specifically, the secure element cannot access a timeobtaining function provided in the mobile phone terminal (or an externaldevice connected to the mobile phone terminal), and thus cannot recorddata related to timing of a process. Therefore, even if the mobile phoneterminal obtains data related to a process from the secure element afterthe process, data related to timing of the process is not included inthe obtained data, and thus the mobile phone terminal cannot grasp andeffectively utilize timing of the process by the secure element.

Accordingly, the present disclosure has been made in view of the above,and the present disclosure provides a novel and improved informationprocessing device and information processing method that enable aninformation processing device such as a mobile phone terminal to graspand effectively utilize timing of a process by a protection storage unitsuch as a secure element.

Solutions to Problems

According to the present disclosure, there is provided an informationprocessing device including a data obtaining unit that, on the basis ofa notification from a protection storage unit, obtains data related totiming of a process by the protection storage unit, and a control unitthat associates the data related to the timing of the process with datarelated to the process.

Furthermore, according to the present disclosure, there is provided aninformation processing method executed by a computer, the methodincluding, on the basis of a notification from a protection storageunit, obtaining data related to timing of a process by the protectionstorage unit, and associating the data related to the timing of theprocess with data related to the process.

Effects of the Invention

As described above, according to the present disclosure, it is possiblefor an information processing device to grasp timing of a processperformed by a protection storage unit and to effectively utilize thetiming.

Note that the above effects are not necessarily limited, and any of theeffects illustrated in the present description or other effects that canbe grasped from the present description may be exhibited together withor in place of the above effects.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is a diagram illustrating a configuration example of aninformation processing system according to the present embodiment.

FIG. 2 is a block diagram illustrating a functional configurationexample of an information processing device 100.

FIG. 3 is a diagram illustrating a data structure included in a firststorage unit 122.

FIG. 4 is a diagram illustrating an example of data stored in a secondstorage unit 123.

FIG. 5 is a diagram illustrating an example of data stored in a storageunit 113.

FIG. 6 is a sequence diagram illustrating an example of a process flowperformed along with short-range wireless communication between theinformation processing device 100 and a reader-writer 300.

FIG. 7 is a sequence diagram illustrating an example of a process flowperformed along with communication between the information processingdevice 100 and a server 200.

FIG. 8 is a block diagram illustrating a hardware configuration exampleof the information processing device 100.

MODE FOR CARRYING OUT THE INVENTION

Hereinafter, preferred embodiments of the present disclosure will bedescribed in detail with reference to the accompanying drawings. Notethat in the present description and drawings, for components which havesubstantially the same functional configurations, duplicateddescriptions are omitted by attaching the same reference signs.

Note that the description will be made in the following order.

1. Background

2. Embodiment

2.1. System configuration example

2.2. Functional configuration example of secure element 120

2.3. Functional configuration example of device host 110

2.4. Examples of process flows

2.5. Hardware configuration example of information processing device 100

3. Summary

1. BACKGROUND

First, the background of the present disclosure will be described.

As described above, in a mobile phone terminal including a smartphone,for example, a secure element provided in a non-contact IC tag performsan arbitrary process along with short-range wireless communication.Thus, the mobile phone terminal can implement a ticket function oftransportation system, an electronic money function, a credit cardfunction, and a personal authentication card function.

Here, the secure element cannot obtain and record data related to timingof a process (for example, data on date and time when the process hasbeen performed, and the like). More specifically, the secure elementcannot access a time obtaining function provided in the mobile phoneterminal (or an external device connected to the mobile phone terminal),and thus cannot obtain the data related to timing of a process.Therefore, the secure element cannot store the data related to timing ofa process in association with process target data.

Furthermore, for the secure element, there is data that cannot beobtained other than the data related to timing of a process. Forexample, since the secure element cannot access various sensors orvarious devices provided outside the secure element, it is not possibleto obtain data related to the position of the mobile phone terminal whena process is performed, data related to the situation surrounding theposition, data related to a user of the mobile phone terminal, or datarelated to operation of the mobile phone terminal or action of the user,or the like. Therefore, the secure element cannot store these data inassociation with process target data.

Furthermore, a process performed between the secure element and theexternal device by the short-range wireless communication is basicallycompleted between the secure element and the external device, and thus adevice host provided in the mobile phone terminal cannot know contentsof the process.

Furthermore, in a case where an update process of data stored in thesecure element has been performed, even if the device host obtainsprocess target data stored in the secure element, there are cases wherethe device host cannot know the contents of the update process. Forexample, in a case where the update process of data stored in the secureelement has been performed a plurality of times before the device hostobtains the process target data, the device host cannot grasp thecontents of each update process.

In view of the above circumstances, the discloser of the presentapplication has created the technology of the present disclosure.Hereinafter, an embodiment of the present disclosure will be described.

2. Embodiment

The background of the present disclosure has been described above. Next,an embodiment of the present disclosure will be described.

2.1. System Configuration Example

First, a configuration example of an information processing systemaccording to the present embodiment will be described with reference toFIGS. 1 and 2.

As illustrated in FIG. 1, the information processing system according tothe present embodiment includes an information processing device 100, aserver 200, and a reader-writer 300. Furthermore, as illustrated in FIG.2, the information processing device 100 includes a device host 110, asecure element 120, and a contactless front end (CLF) 130.

(Information Processing Device 100)

The information processing device 100 is a device that can performtelephone calls and data transmission and reception by performingwireless communication with a predetermined base station. Furthermore,the information processing device 100 includes a built-in non-contact ICtag, and performs non-contact communication (for example, short-rangewireless communication or the like) by using the non-contact IC tag withthe reader-writer 300 installed at a predetermined place (for example, astore, a ticket gate, an entrance, or the like), to thereby performvarious processes. Note that the contents of the processes are notparticularly limited. For example, the information processing device 100can perform a price settlement process, an electronic money chargeprocess, an individual authentication process, a behavior managementprocess, or the like using the non-contact IC tag. Furthermore, thecommunication method between the information processing device 100 andthe reader-writer 300 is not particularly limited. For example, thecommunication method between the information processing device 100 andthe reader-writer 300 may be contact communication instead of thenon-contact communication.

Furthermore, the information processing device 100 can also transmit andreceive data by communicating with the server 200. For example, theinformation processing device 100 can transmit history data and the likeof the price settlement process to the server 200. Further, by receivingdata related to charged electronic money from the server 200, theinformation processing device 100 can reflect the data on the owndevice. Note that the contents of data transmitted and received betweenthe information processing device 100 and the server 200 are notparticularly limited. Furthermore, the communication method between theinformation processing device 100 and the server 200 is not particularlylimited.

Furthermore, although the above description has been made on theassumption that the information processing device 100 is a mobile phoneterminal including a smartphone, the type of the information processingdevice 100 is not limited thereto. For example, the informationprocessing device 100 may be any one of information processing devicesincluding a general-purpose computer, a personal computer (PC), a laptopPC, a tablet PC, any wearable terminal, a portable media playbackdevice, a portable game device, and the like.

(Device Host 110)

The device host 110 is an information processing device that includes anintegrated circuit including a central processing unit (CPU), a readonly memory (ROM), a random access memory (RAM), and the like. Then, thedevice host 110 executes various processes and the like by an operatingsystem using one or two or more programs stored in the ROM. Examples ofthe operating system include, but are not limited to, Android(registered trademark), iOS, Windows (registered trademark), and thelike.

(Secure Element 120)

The secure element 120 is a functional configuration that functions as aprotection storage unit. More specifically, the secure element 120 is asecurity module having tamper resistance (for example, a security chipor the like) and can protect data stored in a storage unit (for example,a memory or the like) provided in itself, access to the storage unit, aprocess executed by itself, and the like. Moreover, the secure element120 has an encryption function, and can encrypt important data and storeit in the storage unit.

Furthermore, the secure element 120 can perform an arbitrary processalong with short-range wireless communication with an external device.For example, the secure element 120 can read data from the storage unitprovided in itself or update data in response to a request from anexternal device. Note that the process by the secure element 120 is notlimited thereto. For example, the secure element 120 may execute anarbitrary process along with communication with the server 200 or thedevice host 110. For example, the secure element 120 may read data fromthe storage unit provided in itself or update data in response to arequest from the server 200.

The secure element 120 may be provided in a subscriber identity module(SIM) card or the like in the information processing device 100, but isnot limited thereto. For example, the secure element 120 may be providedin any configuration other than the SIM card in the informationprocessing device 100, or may be provided in any device other than theinformation processing device 100 (for example, the server 200 or thelike).

(CLF 130)

The CLF 130 is also called a near field communication (NFC) controller,and performs communication with the reader-writer 300 based on NFCstandards. More specifically, the CLF 130 transmits and receives data toand from the reader-writer 300 existing within a communicable range(range of 0 to 10 cm) by short-range wireless communication. Forexample, in a case where the CLF 130 has received a wireless signal fromthe reader-writer 300, the CLF 130 provides data included in thewireless signal to the device host 110 or the secure element 120.Furthermore, the CLF 130 generates a wireless signal for transmissionusing data provided from the device host 110 or the secure element 120,and transmits the wireless signal to the reader-writer 300. Note thatthe CLF 130 may be replaced with another configuration having a functionsimilar to the above.

(Server 200)

The server 200 is a server that manages the information processingdevice 100 or a service and the like provided through the informationprocessing device 100. The server 200 performs various processes alongwith predetermined communication with the information processing device100. For example, the server 200 receives various data stored in thesecure element 120 from the information processing device 100. Then, theserver 200 outputs action history data, preference data, and the like ofthe user using the information processing device 100 by accumulating thedata and performing statistical analysis, and provides various serviceson the basis of these data. Note that processes performed by the server200 or contents of services provided are not particularly limited.Furthermore, the communication method between the server 200 and theinformation processing device 100 is not particularly limited.

(Reader-Writer 300)

The reader-writer 300 is an information processing device that performsshort-range wireless communication with the information processingdevice 100 when the information processing device 100 is held over it bythe user. Furthermore, although not illustrated, the reader-writer 300can also communicate with an arbitrary information processing device (adevice other than the information processing device 100). For example,when the reader-writer 300 is connected to an arbitrary informationprocessing device provided in a store (hereinafter, referred to as a“store device”), various data obtained from the information processingdevice 100 (for example, identification data of the informationprocessing device 100, electronic money data or coupon data, and thelike) can be provided to the store device, or various data provided fromthe store device (for example, receipt data and the like) can beprovided to the information processing device 100.

Note that the communication method between the reader-writer 300 and theinformation processing device 100 is assumed to be short-range wirelesscommunication, but is not limited thereto. For example, thecommunication method between the reader-writer 300 and the informationprocessing device 100 may be any non-contact communication methodincluding Wireless Fidelity (Wi-Fi) or Bluetooth (registered trademark)and the like, or may be an arbitrary non-contact contact communicationmethod. Furthermore, the communication method between the reader-writer300 and the store device is not particularly limited.

2.2. Functional Configuration Example of Secure Element 120

The configuration example of the information processing system accordingto the present embodiment has been described above. Next, a functionalconfiguration example of the secure element 120 will be described.

As illustrated in FIG. 2, the secure element 120 includes a control unit121, a first storage unit 122, and a second storage unit 123.

(First Storage Unit 122)

The first storage unit 122 is a storage area that can be accessed on thebasis of control by the control unit 121, and can prevent tampering ofdata and the like by an external device by eliminating direct accessfrom the external device. Furthermore, the first storage unit 122 isalso a storage area for storing data used for processing by the controlunit 121. More specifically, the first storage unit 122 stores processtarget data, programs, or setting files, and the like used forprocessing by the control unit 121.

Here, a data structure that the first storage unit 122 has will bedescribed with reference to FIG. 3. As illustrated in FIG. 3, the firststorage unit 122 manages data according to a predetermined hierarchicalstructure. More specifically, the first storage unit 122 manages data ina unit of “area”, “service”, or “user block data”. The “area” is alsocalled a directory and is a concept of bundling data under thedirectory, and a plurality of areas can exist in one hierarchicalstructure. The area is basically formed in units of informationprocessing systems, and thus a plurality of areas can be formed in acase where the secure element 120 corresponds to a plurality ofinformation processing systems. However, without being limited thereto,a plurality of areas may be formed in one information processing system,or one area may be shared by a plurality of information processingsystems.

The “service” is a concept for managing an access right to data, anencryption method, and the like. More specifically, data stored underthe service is controlled based on an access right or an encryptionmethod defined for the service, or the like. For example, it is assumedthat a service A in FIG. 3 stores unencrypted data, and a service Bstores data encrypted by a predetermined encryption method. In thiscase, user block data A-1 and user block data A-2, which are data ofrelatively low importance, can be stored under the service A withoutbeing encrypted. On the other hand, user block data B-1, which is dataof relatively high importance, can be encrypted by the encryption methoddefined by the service B and stored under the service B. A plurality ofservices can exist in one hierarchical structure.

The “user block data” is a storage area for storing data used forprocessing by the secure element 120 or is data itself, and a pluralityof pieces of user block data may exist in one hierarchical structure.

Note that the data structure of the first storage unit 122 is notlimited to the above. For example, the data structure of the firststorage unit 122 may be implemented by another concept corresponding to“area”, “service”, or “user block data”.

(Control Unit 121)

The control unit 121 is a functional configuration that comprehensivelycontrols overall processing performed by the secure element 120. Morespecifically, in a case where request information from an externaldevice is received by CLF 130 through the short-range wirelesscommunication between the information processing device 100 and theexternal device, the control unit 121 performs a process based on therequest information. For example, the control unit 121 performs readingor updating or the like of data stored in the first storage unit 122(for example, data in the user block data, or the user block dataitself) on the basis of the request information. Note that processescontrolled by the control unit 121 are not limited to the above. Forexample, the control unit 121 may control an arbitrary process alongwith communication with the server 200 or the device host 110.

Then, after the above process is completed, the control unit 121 storesdata related to the process in the second storage unit 123. Morespecifically, the control unit 121 stores process target data stored infirst storage unit 122 after the process in the second storage unit 123.

Here, an example of data stored by the control unit 121 in the secondstorage unit 123 will be described with reference to FIG. 4. The controlunit 121 stores process target data and a path of the process targetdata in the first storage unit 122 in the second storage unit 123 asillustrated in FIG. 4. Moreover, the control unit 121 calculates a hashvalue of the process target data, and stores the hash value together inthe second storage unit 123.

In this way, the device host 110 can appropriately know the contents ofthe process by obtaining these data from the second storage unit 123.For example, even if an update process of data in the first storage unit122 is performed a plurality of times before the device host 110 obtainsthese data, all the process target data are stored in the second storageunit 123 without being overwritten, and thus the device host 110 canobtain these data from the second storage unit 123, and canappropriately know the contents of all processes (in other words, thetechnology of the present disclosure is particularly effective in a casewhere an update process of data occurs frequently). Furthermore, thedevice host 110 can calculate a hash value using the obtained processtarget data and confirm that the hash value matches a hash valueobtained from the second storage unit 123, to thereby verify integrityof the process target data. For example, as an example in which theserver 200 verifies integrity of data obtained from the second storageunit 123 in the secure element 120, verification using a messageauthentication code (MAC) or an electronic signature, or the like isconceivable.

Note that the data stored in the second storage unit 123 by the controlunit 121 is not limited to the above. More specifically, the controlunit 121 may appropriately omit part of the data illustrated in FIG. 4.For example, the control unit 121 may omit a path, a hash value, or thelike. Furthermore, the control unit 121 may appropriately add data otherthan the data illustrated in FIG. 4. For example, the control unit 121may add data related to an attribute (for example, contents, type ofimportance, or the like) of the process target data. Furthermore, thecontrol unit 121 may replace data illustrated in FIG. 4 with anotherdata corresponding thereto. For example, the control unit 121 mayreplace a path of process target data with any data that can specify theprocess target data. Furthermore, the control unit 121 may calculate ahash value including not only process target data but also data otherthan the process target data (for example, a path of the process targetdata). Thus, the device host 110 can verify integrity of data includingnot only the process target data but also data other than the processtarget data.

Furthermore, the control unit 121 does not always store data related toa process in the second storage unit 123 after the process ends, and cancontrol whether or not to store the data related to the process in thesecond storage unit 123.

For example, the control unit 121 can control whether or not to storedata related to a process in the second storage unit 123 on the basis ofthe contents of the process. More specifically, in a case where thecontents of a process include update of data stored in the first storageunit 122, the control unit 121 may store data related to the process inthe second storage unit 123, as described above. On the other hand, forexample, in a case where the contents of a process include only readingof data stored in the first storage unit 122, the control unit 121 doesnot need to store data related to the process in the second storage unit123. In other words, in a case where the contents of a process includeonly reading of data, the data will not be changed, and thus the devicehost 110 does not need to know the process target data of the process(or may have already grasped the process target data) in some cases.Thus, the control unit 121 does not need to store the data related tothe process in the second storage unit 123.

Furthermore, the control unit 121 may control whether or not to storedata related to a process in the second storage unit 123 on the basis ofa storage area in which process target data is stored. Morespecifically, in a case where process target data is stored under aservice for encrypted data in the data structure illustrated in FIG. 3,the control unit 121 determines that the importance of the processtarget data is relatively high, and does not need to store data relatedto the process in the second storage unit 123. In other words, thecontrol unit 121 may control whether or not to store the data related tothe process in the second storage unit 123 on the basis of presence orabsence of encryption of the process target data (or some index valueindicating importance).

With the above control, the control unit 121 can reduce waste of theamount of data stored in the second storage unit 123. Note that themethod of controlling whether or not to store data related to a processin the second storage unit 123 is not limited to the above. Furthermore,the example in which the control unit 121 performs a process using thedata in the first storage unit 122, and then stores data related to theprocess in the second storage unit 123, has been described above.However, timing when the control unit 121 stores data related to aprocess in the second storage unit 123 is not limited thereto. Forexample, the control unit 121 may store data related to a process in thesecond storage unit 123 during the process. Furthermore, the controlunit 121 may store data related to a process in a storage unit outsidethe secure element 120. For example, the control unit 121 may store datarelated to a process in the storage unit 113 of the device host 110.This makes it possible to omit the process in which the device host 110obtains data related to a process from the second storage unit 123.

In addition, in a case where the control unit 121 has performed aprocess using data in the first storage unit 122, the control unit 121notifies the device host 110 of an end of process at the timing when theprocess has ended. Thus, the device host 110 can recognize the timingwhen the process has ended. Note that the timing when a process hasended may refer to timing when carrier waves from the reader-writer 300are no longer received, or may refer to timing when the control unit 121recognizes that a series of processes has all ended. Here, sinceprocessing time by the control unit 121 is short (for example, less thanone second to several seconds), the timing when a process has ended maybe interpreted as “timing when a process has been performed”. In otherwords, the notification enables the device host 110 to recognize timingwhen a process has been performed. The device host 110 can obtain thedata related to the process stored in the second storage unit 123 whenbeing triggered by recognition of the timing when the process has beenperformed. Details will be described later.

Note that the timing when the control unit 121 performs the notificationis not limited to the above. For example, the control unit 121 maynotify the device host 110 at timing when a process has been started.Note that the timing when a process has been started may refer to timingwhen carrier waves from the reader-writer 300 have been detected, or mayrefer to timing when a series of processes has been started by thecontrol unit 121. As described above, since processing time by thecontrol unit 121 is short, the timing when a process has been startedmay be interpreted as “timing when a process has been performed”. Inthis case, after having received the notification, the device host 110attempts to obtain the data at timing when it is expected that the datarelated to the process has been stored in the second storage unit 123.Details will be described later.

Furthermore, the control unit 121 may notify the device host 110 attiming when execution of a process is expected. For example, after auser authentication process is performed by a predetermined method (forexample, biometric authentication such as fingerprint authentication,iris authentication, or vein authentication, password authentication, orthe like), there is a possibility that an arbitrary process including aprice settlement process is performed. Therefore, in a case where thecontrol unit 121 is notified by the device host 110 or the like that theuser authentication process has succeeded, the control unit 121 may givethe above notification to the device host 110.

Furthermore, the control unit 121 does not always notify the device host110 in a case where the control unit 121 performs a process using dataof the first storage unit 122, and whether or not to notify the devicehost 110 can be controlled. For example, in a case where the controlunit 121 does not store data related to a process in the second storageunit 123, there is no data to be obtained by the device host 110 in thesecond storage unit 123, and thus the control unit 121 does not need tonotify the device host 110. Note that the method of controllingnotification to the device host 110 is not limited thereto.

Furthermore, the notification may not only transmit timing when aprocess has been performed (or timing when a process has ended or timingwhen a process has been started), or the like, but may also transmitother data, depending on the notification timing (in other words, thecontents of the notification are not particularly limited). For example,the notification may include data related to the contents of a process(for example, type of importance of the process, or the like), so as totransmit the data to the device host 110. Thus, the device host 110 cancontrol a process of obtaining data from the second storage unit 123, orthe like on the basis of the data included in the notification.

Then, in a case where the device host 110 has requested to obtain datafrom the second storage unit 123 on the basis of the notification, thecontrol unit 121 obtains data from the second storage unit 123 inresponse to the request, and provides the data to the device host 110.At this time, the control unit 121 deletes data that has been providedto the device host 110 from the second storage unit 123. Thus, thecontrol unit 121 can increase free spaces of the second storage unit123. Note that the timing when the control unit 121 deletes the datastored in the second storage unit 123 (in other words, a data retentionperiod of the second storage unit 123) is not limited thereto.

Note that the contents of control by the control unit 121 is not limitedto the above. For example, the control unit 121 may control a processgenerally performed in any one of information processing devicesincluding a general-purpose computer, a PC, a laptop PC, a tablet PC,any wearable terminal, a portable media playback device, a portable gamedevice, and the like.

(Second Storage Unit 123)

The second storage unit 123 is a storage area that stores data relatedto the process described with reference to FIG. 4. More specifically, asillustrated in FIG. 4, the second storage unit 123 stores process targetdata, a path of the process target data in the first storage unit 122, ahash value of the process target data, and the like. Note that thenumber, data structure, and the like of the second storage unit 123 arenot particularly limited.

The functional configuration example of the secure element 120 has beendescribed above. Note that the above functional configuration describedwith reference to FIG. 2 is merely an example, and the functionalconfiguration of the secure element 120 is not limited to this example.Furthermore, the functional configuration of the secure element 120 canbe flexibly transformed according to specifications and operation.

2.3. Functional Configuration Example of Device Host 110

In the foregoing, the functional configuration example of the secureelement 120 has been described. Next, a functional configuration exampleof the device host 110 will be described.

As illustrated in FIG. 2, the device host 110 includes a control unit111, a data obtaining unit 112, a storage unit 113, an input unit 114,an output unit 115, and a communication unit 116.

(Data Obtaining Unit 112)

The data obtaining unit 112 is a functional configuration that obtainsdata related to a process stored in the second storage unit 123 inresponse to a notification provided from the control unit 121 of thesecure element 120. More specifically, in a case where the dataobtaining unit 112 has received a notification from the control unit121, the data obtaining unit 112 generates request information of datarelated to a process and provides the request information to the controlunit 121. Thus, the control unit 121 obtains all data related to theprocess stored in the second storage unit 123, provides the data to thedata obtaining unit 112, and deletes the data stored in the secondstorage unit 123. Note that this is only an example, and the dataobtaining unit 112 may obtain only a part of the data related to theprocess stored in the second storage unit 123. For example, the dataobtaining unit 112 grasps the contents of data stored in the secondstorage unit 123 by some method (for example, index information of thesecond storage unit 123, or information included in the notification, orthe like), and may obtain necessary data or data with higher importancepreferentially. Furthermore, even when there is no notification from thecontrol unit 121, the data obtaining unit 112 may spontaneously attemptto obtain data related to a process from the second storage unit 123.

Furthermore, the data obtaining unit 112 obtains data related to timingof a process by the secure element 120 from outside the secure element120 according to the notification provided from the control unit 121.More specifically, by that the information processing device 100includes a functional configuration (not illustrated) capable ofoutputting time data (or is capable of communicating with a devicecapable of outputting time data), in a case where the data obtainingunit 112 has received the notification, the data obtaining unit 112 canobtain time data of reception timing thereof from the functionalconfiguration. As described above, since the notification is performedat timing when a process has been performed by the secure element 120,the data obtaining unit 112 can obtain data related to timing of theprocess by the secure element 120 by the process. As described above,although the secure element 120 cannot obtain data related to timing ofa process, various functions become possible by the data obtaining unit112 obtaining data related to timing of a process by the process.Details will be described later. Note that the functional configurationcapable of outputting time data may be, for example, a clock or thelike, but is not limited thereto. Furthermore, instead of obtaining thetime data of reception timing of the notification, the data obtainingunit 112 may obtain time data of timing when the notification ispredicted to be transmitted by the control unit 121, or may obtain timedata on the basis of data included in the notification (in a case wherethe notification includes data related to timing of a process).

Furthermore, without being limited to the data related to timing of aprocess, the data obtaining unit 112 may obtain arbitrary data that thesecure element 120 cannot obtain from outside the secure element 120.For example, by that the information processing device 100 includes afunctional configuration (not illustrated) capable of outputting datarelated to the position of an own device, data related to a surroundingsituation of the position (for example, environmental sound data,peripheral image data, and the like), data related to the user of theown device, data related to operation of the own device or action of theuser, or the like (or is capable of communicating with a device capableof outputting these data), in a case where the data obtaining unit 112has received the notification, the data obtaining unit 112 can obtainthese data from this functional configuration at reception timingthereof.

Thus, the data obtaining unit 112 can know the position of the owndevice, the surrounding situation of the position, the user of the owndevice, or the operation of the own device or the action of the user, orthe like at timing when a process has been performed by the secureelement 120. As described above, the secure element 120 cannot obtainthese data, but various functions become possible by the data obtainingunit 112 obtaining these data by the process. Note that data obtained bythe data obtaining unit 112 is not limited to the above. Furthermore,the data obtaining unit 112 may determine whether or not the secureelement 120 can obtain each piece of data described above, and obtaineach piece of data only in the case of determining that the secureelement 120 cannot obtain each piece of data described above.

Here, the functional configuration capable of outputting data related tothe position of the information processing device 100 is, for example, aglobal navigation satellite system (GNSS) sensor (including a globalpositioning system (GPS) sensor) capable of outputting latitude data,longitude data, or altitude data, a barometric pressure sensor capableof outputting altitude data, or the like but is not limited thereto. Forexample, a functional configuration capable of estimating the positionof the information processing device 100 on the basis of sensing data ofa motion sensor (including an acceleration sensor, a gyro sensor, or thelike) or the like may be used. Further, the functional configurationcapable of outputting data related to the surrounding situation of theposition of the information processing device 100 may be, for example, amicrophone capable of obtaining surrounding environmental sound, acamera capable of outputting a surrounding image, or the like, but isnot limited thereto. Furthermore, the functional configuration capableof outputting data related to the user of the own device may be afunctional configuration capable of implementing, for example, userauthentication by a predetermined method (for example, biometricauthentication such as fingerprint authentication, iris authentication,or vein authentication, password authentication, or the like), or afunctional configuration capable of implementing user estimation by apredetermined method (for example, user estimation based on biologicaldata including pulse data and the like), but is not limited thereto.Moreover, the functional configuration capable of outputting datarelated to operation of the own device or action of the user may be, forexample, a motion sensor (including an acceleration sensor, a gyrosensor, or the like) or the like, but is not limited thereto.

The data obtaining unit 112 provides the control unit 111 with datarelated to a process obtained from the secure element 120 and datarelated to timing of a process or the like obtained from outside thesecure element 120.

(Control Unit 111)

The control unit 111 associates data related to a process obtained fromthe secure element 120 with data related to timing of the process or thelike obtained from outside the secure element 120, and uses these datafor various kinds of processes.

Describing more specifically, the data related to the process obtainedfrom the secure element 120 includes a hash value of process target dataas illustrated in FIG. 4. Therefore, the control unit 111 firstcalculates a hash value using the obtained process target data, andconfirms that the hash value matches a hash value obtained from thesecond storage unit 123, so as to verify integrity of the process targetdata. If the hash value calculated using the process target data doesnot match the hash value obtained from the second storage unit 123, thecontrol unit 111 may determine that the process target data may havebeen tampered and stop a subsequent process.

In a case where the verification of integrity of the process target datais successful, the control unit 111 stores the data related to theprocess obtained from the secure element 120 and the data related totiming of the process or the like obtained from outside the secureelement 120 in association with each other in the storage unit 113.Here, an example of data stored in the storage unit 113 will bedescribed with reference to FIG. 5. In FIG. 5, data 10 is data relatedto a process obtained from the secure element 120, and the control unit111 stores the data 10 in the storage unit 113 in association with data20 related to timing of the process or the like obtained from outsidethe secure element 120.

Then, for example, the control unit 111 causes the output unit 115 tooutput the process target data by a predetermined method. Morespecifically, in a case where the process performed by the secureelement 120 is a price settlement process, the control unit 111 maycause the output unit 115 to output data related to a price settlementamount or balance included in the process target data. Further, in acase where the process performed by the secure element 120 is a useprocess or obtaining process of a coupon, the control unit 111 may causethe output unit 115 to output data related to the coupon included in theprocess target data. Furthermore, in a case where the process performedby the secure element 120 is an electronic money charging process, thecontrol unit 111 may cause the output unit 115 to output data related toa charge amount included in the process target data. Moreover, in a casewhere the process performed by the secure element 120 is a process ofobtaining campaign data, the control unit 111 may cause the output unit115 to output campaign data included in the process target data.

Through these processes, after causing the information processing device100 to perform various processes by holding the information processingdevice 100 over the reader-writer 300, for example, the user can confirmresults of the processes and the like by an output from the output unit115. Note that the control by the control unit 111 is not limited to theabove. For example, even if the verification of integrity of the processtarget data fails, the control unit 111 may control the output and thelike by the output unit 115 without stopping a subsequent process.

Furthermore, the control unit 111 may perform the above process usingnot only the process target data, but also data related to timing of aprocess or the like obtained from outside the secure element 120. Morespecifically, when causing the output unit 115 to perform an output, thecontrol unit 111 may also cause the output unit 115 to output togetherdata related to timing of a process, data related to the position of theown device, data related to the surrounding situation of the position,data related to the user of the own device, or data related to operationof the own device or action of the user, or the like, or output theresult of a predetermined process using these data. For example, thecontrol unit 111 may cause the output unit 115 to output together notonly the data related to the price settlement amount or balance includedin the process target data, but also timing (for example, date and time)when the price settlement process has been performed, a position (forexample, store) thereof, or the like obtained from outside the secureelement 120.

Through these processes, the user can know more abundant information.Furthermore, the control unit 111 may cause the output unit 115 tooutput together arbitrary data obtained from outside the secure element120 other than the above.

Furthermore, the control unit 111 may provide the server 200 with datain which data related to a process obtained from the secure element 120and data related to timing of the process or the like obtained fromoutside the secure element 120 are associated. Thus, by accumulating andstatistically analyzing these data, the server 200 can output actionhistory data, preference data, and the like of the user of theinformation processing device 100, and provide various services on thebasis of these data.

Furthermore, the control unit 111 may control a process generallyperformed in any one of information processing devices including ageneral-purpose computer, a PC, a laptop PC, a tablet PC, any wearableterminal, a portable media playback device, a portable game device, andthe like.

(Storage Unit 113)

The storage unit 113 is a functional configuration that stores variousdata. For example, as described with reference to FIG. 5, the storageunit 113 stores data in which data related to a process obtained fromthe secure element 120 and data related to timing of the process or thelike obtained from outside the secure element 120 are associated, andthe like. Furthermore, the storage unit 113 stores a program or aparameter or the like used by each functional configuration of thedevice host 110. Note that the contents of data stored in the storageunit 113 are not limited thereto.

(Input Unit 114)

The input unit 114 is a functional configuration that receives an inputby the user. For example, the input unit 114 receives inputs performedby the user using various input units (not illustrated. For example, amouse, a keyboard, a touch panel, a button, a switch, a microphone, orthe like). The input unit 114 implements various processes by thecontrol unit 111 by providing input contents to the control unit 111.Note that the input unit is not limited to the above.

(Output Unit 115)

The output unit 115 is a functional configuration that outputs variousdata. For example, the output unit 115 can cause various output units(not illustrated. For example, a display unit such as a display or anaudio output unit such as a speaker) to output various data. Morespecifically, as described above, on the basis of control by the controlunit 111, the output unit 115 outputs process target data, data relatedto timing of a process, or the like obtained from outside the secureelement 120, or the like (by displaying on a display, outputting byaudio, or the like). Note that the output unit is not limited to theabove.

(Communication Unit 116)

The communication unit 116 is a functional configuration that performsvarious types of communication with an external device including theserver 200. For example, to the server 200, the communication unit 116may transmit a wireless signal including data in which data related to aprocess obtained from the secure element 120 and data related to timingof the process or the like obtained from outside the secure element 120are associated. Further, the communication unit 116 may receive awireless signal including arbitrary data used for processing by thedevice host 110 or the secure element 120 from the server 200. Note thatdata to be communicated by the communication unit 116 and cases tocommunicate are not limited thereto. Furthermore, as described above,the communication method between the communication unit 116 and theserver 200 is not particularly limited.

The functional configuration example of the device host 110 has beendescribed above. Note that the above functional configuration describedwith reference to FIG. 2 is merely an example, and the functionalconfiguration of the device host 110 is not limited to this example. Forexample, the device host 110 does not necessarily need to include thewhole of the configuration illustrated in FIG. 2. In addition, thefunctional configuration of the device host 110 can be flexiblytransformed according to specifications and operation.

2.4. Examples of Process Flows

In the foregoing, the functional configuration example of the devicehost 110 has been described. Next, examples of process flows in theinformation processing system will be described.

First, with reference to FIG. 6, an example of a process flow performedalong with short-range wireless communication between the informationprocessing device 100 and the reader-writer 300 will be described.

First, as the user holds the information processing device 100 over thereader-writer 300, the information processing device 100 enters a rangewhere it can receive carrier waves emitted from the reader-writer 300.Then, in step S1000, the reader-writer 300 transmits a wireless signalincluding update request information for data stored in first storageunit 122 of the secure element 120. In step S1004, the CLF 130 receivesthe wireless signal from the reader-writer 300, and provides the updaterequest information included in the wireless signal to the secureelement 120. Then, the control unit 121 of the secure element 120updates the data stored in the first storage unit 122 on the basis ofthe update request information. Then, on the basis of a notification ofupdate completion being received from the first storage unit 122 in stepS1008, the control unit 121 stores data related to the process in thesecond storage unit 123 in step S1012. In step S1016, the control unit121 receives a notification of storage completion from the secondstorage unit 123.

In step S1020, the reader-writer 300 stops transmitting the carrierwaves (or the information processing device 100 goes out of the rangewhere it can receive the carrier waves emitted from reader-writer 300).Thus, in step S1024, the control unit 121 of the secure element 120recognizes an end of process and notifies the device host 110 of the endof process.

In step S1028, the data obtaining unit 112 of the device host 110requests a clock, various sensors, or the like to provide various datathat the secure element 120 cannot obtain (for example, data related totiming of the process or the like) on the basis of the notification ofthe end of process. In step S1032, the clock, various sensors, or thelike obtains various data in response to the request and provides thedata to the data obtaining unit 112.

In step S1036, the data obtaining unit 112 generates request informationof data related to the process, and provides the information to thesecure element 120. In step S1040 and step S1044, the control unit 121of the secure element 120 obtains all data related to the process storedin the second storage unit 123 on the basis of the information. In stepS1048, the control unit 121 provides the data related to the process tothe device host 110.

In step S1052, the control unit 111 of the device host 110 verifiesintegrity of process target data included in the data related to theprocess. More specifically, the control unit 111 calculates a hash valueusing the process target data, and confirms that the hash value matchesa hash value included in the data related to the process, to therebyverify integrity of the process target data. In a case where theverification of integrity of the process target data is successful, instep S1056, the control unit 111 stores the data related to the processobtained from the secure element 120 and various data obtained fromoutside the secure element 120 in association with each other in thestorage unit 113. In step S1060, the control unit 111 receives anotification of storage completion from the storage unit 113, and theseries of processes ends. Note that although not illustrated, thecontrol unit 111 may perform the various processes described above usingthe data related to the processes associated with each other or thevarious data obtained from outside the secure element 120.

Thus, the information processing device 100 can provide useful data tothe user. More specifically, the information processing device 100 canprovide the user with not only process target data but also data relatedto timing of a process or the like that the secure element 120 cannotobtain.

Next, an example of a process flow performed along with communicationbetween the information processing device 100 and the server 200 will bedescribed with reference to FIG. 7.

In step S1100, the server 200 transmits to the device host 110 awireless signal including update request information for data stored inthe first storage unit 122 of the secure element 120. For example, theserver 200 transmits a wireless signal including request informationrelated to electronic money charging to the device host 110.

In step S1104, the control unit 111 of the device host 110 provides theupdate request information for data included in the received wirelesssignal to the secure element 120. In step S1108, the control unit 121 ofthe secure element 120 updates the data stored in the first storage unit122 on the basis of the update request information, thereby achievingelectronic money charging or the like. Then, on the basis of anotification of update completion being received from the first storageunit 122 in step S1112, the control unit 121 stores data related to theprocess in the second storage unit 123 in step S1116. In step S1120, thecontrol unit 121 receives a notification of storage completion from thesecond storage unit 123.

In step S1124, the control unit 121 recognizes an end of process andnotifies the device host 110 of the end of process. The process of stepsS1128 to S1160 performed thereafter is the same as the process of stepsS1028 to S1060 in FIG. 6, and a description thereof will be omitted.

Note that the respective steps in the sequence diagrams illustrated inFIGS. 6 and 7 do not necessarily need to be processed in chronologicalorder in the order described. That is, each step in the sequencediagrams may be processed in an order different from the describedorder, or may be processed in parallel.

2.5. Hardware Configuration Example of Information Processing Device 100

The example of the process flows in the information processing systemhas been described above. Next, a hardware configuration example of theinformation processing device 100 will be described with reference toFIG. 8. The various processes described above are achieved bycooperation between software and hardware described below.

FIG. 8 is a block diagram illustrating a hardware configuration exampleof the information processing device 100. The information processingdevice 100 includes a central processing unit (CPU) 901, a read onlymemory (ROM) 902, a random access memory (RAM) 903, a host bus 904, abridge 905, an external bus 906, an interface 907, an input device 908,an output device 909, a storage device (HDD) 910, a drive 911, and acommunication device 912.

The CPU 901 functions as an arithmetic processing device and a controldevice, and controls overall operation of the information processingdevice 100 according to various programs. Furthermore, the CPU 901 maybe a microprocessor. The ROM 902 stores programs and calculationparameters and the like used by the CPU 901. The RAM 903 temporarilystores a program used in execution by the CPU 901, parameters thatchange as appropriate during the execution, and the like. These areconnected to each other via the host bus 904 including a CPU bus or thelike. The functions of the control unit 111 or the data obtaining unit112 of the device host 110 or the control unit 121 of the secure element120 are implemented by cooperation of the CPU 901, the ROM 902, and theRAM 903.

The host bus 904 is connected to the external bus 906 such as aperipheral component interconnect/interface (PCI) bus via the bridge905. Note that the host bus 904, the bridge 905, and the external bus906 are not necessarily configured separately, and their functions maybe mounted on one bus.

The input device 908 includes a mouse, a keyboard, a touch panel, abutton, a microphone, a switch, a lever, and the like, and is used bythe user to input various data. The input device 908 includes an inputcontrol circuit that generates an input signal on the basis of an inputfrom the user and outputs the input signal to the CPU 901, and the like.To the input unit 114 of the device host 110, the input signal generatedby the input device 908 is input.

For example, the output device 909 includes display devices such as acathode ray tube (CRT) display device, a liquid crystal display (LCD)device, an organic light emitting diode (OLED) device, and a lamp.Moreover, the output device 909 includes an audio output device such asa speaker and headphones. The output device 909 displays various datasuch as video data by an image or a text. On the other hand, the audiooutput device converts audio data and the like into audio and outputsthe audio. The function of the output unit 115 of the device host 110 isimplemented by the output device 909.

The storage device 910 is a device for storing data configured as anexample of the storage unit 113 of the device host 110, or the firststorage unit 122 or the second storage unit 123 of the secure element120. The storage device 910 may include a storage medium, a recordingdevice that records data on the storage medium, a reading device thatreads data from the storage medium, a deletion device that deletes datarecorded on the storage medium, and the like. The storage device 910includes, for example, a hard disk drive (HDD). The storage device 910drives a hard disk and stores programs executed by the CPU 901 andvarious data.

The drive 911 is a reader-writer for a storage medium, and is built inor externally attached to the information processing device 100. Thedrive 911 reads information recorded on a removable storage medium 913such as a magnetic disk, an optical disk, a magneto-optical disk, or asemiconductor memory mounted, and outputs the information to the RAM903. Furthermore, the drive 911 can also write information to theremovable storage medium 913.

The communication device 912 is, for example, a communication interfaceincluding a communication device for connecting to the communicationnetwork 914, or the like. The function of the communication unit 116 ofthe device host 110 or the CLF 130 is achieved by the communicationdevice 912.

Note that the hardware configuration of the information processingdevice 100 is not limited to the configuration illustrated in FIG. 8.For example, the information processing device 100 does not need toinclude the communication device 912 in a case of performingcommunication via an external communication device connected thereto.Furthermore, the communication device 912 may be capable of performingcommunication by a plurality of communication methods.

3. SUMMARY

As described above, in a case where the secure element 120 has performeda process using data of the first storage unit 122, the secure element120 according to the present disclosure stores data related to theprocess in the second storage unit 123, and provides a predeterminednotification to the device host 110. Then, the device host 110 canappropriately know the contents of the process by obtaining the datarelated to the process from the second storage unit 123 on the basis ofthe notification.

Furthermore, on the basis of the notification, the device host 110obtains arbitrary data that the secure element 120 cannot obtain andincludes data related to timing of the process or the like, from outsidethe secure element 120. Thus, the device host 110 can perform variousprocesses using the data related to the process obtained from the secureelement 120, the data related to the timing of the process obtained fromoutside the secure element 120, and the like.

The preferred embodiments of the present disclosure have been describedabove in detail with reference to the accompanying drawings, but thetechnical scope of the present disclosure is not limited to suchexamples. It is apparent that a person having ordinary knowledge in thetechnical field of the present disclosure can devise various changeexamples or modification examples within the scope of the technical ideadescribed in the claims, and it will be naturally understood that theyalso belong to the technical scope of the present disclosure.

Furthermore, the effects described in the present description are merelyillustrative or exemplary and are not limited. That is, the technologyaccording to the present disclosure can exhibit other effects that areapparent to those skilled in the art from the present description inaddition to or instead of the above effects.

Note that configurations as follows also belong to the technical scopeof the present disclosure.

(1)

An information processing device including:

a data obtaining unit that, on the basis of a notification from aprotection storage unit, obtains data related to timing of a process bythe protection storage unit; and

a control unit that associates the data related to the timing of theprocess with data related to the process.

(2)

The information processing device according to above (1), in which

the data obtaining unit obtains the data related to the timing of theprocess from outside the protection storage unit.

(3)

The information processing device according to above (2), in which

the data obtaining unit obtains data related to a position of theprotection storage unit at the timing of the process, data related to asurrounding situation of the position, data related to a user of theprotection storage unit, or data related to operation of the protectionstorage unit or action of the user together from outside the protectionstorage unit.

(4)

The information processing device according to any one of above (1) to(3), in which

the data obtaining unit obtains the data related to the process from theprotection storage unit.

(5)

The information processing device according to above (4), in which

the protection storage unit includes a first storage unit that storestarget data of the process, and a second storage unit that stores thedata related to the process, and

the data obtaining unit obtains the data related to the process from thesecond storage unit.

(6)

The information processing device according to above (5), in which

the protection storage unit stores the target data of the process whichis stored in the first storage unit after the process, in the secondstorage unit as the data related to the process.

(7)

The information processing device according to above (6), in which

the protection storage unit controls storage of the data related to theprocess in the second storage unit on the basis of contents of theprocess.

(8)

The information processing device according to above (7), in which

in a case where the contents of the process include update of data,

the protection storage unit stores the data related to the process inthe second storage unit.

(9)

The information processing device according to above (7), in which

in a case where the contents of the process include only reading ofdata,

the protection storage unit does not store the data related to theprocess in the second storage unit.

(10)

The information processing device according to above (6), in which

the protection storage unit controls storage of the data related to theprocess in the second storage unit on the basis of presence or absenceof a storage area in which the target data of the process is stored orencryption of the target data of the process.

(11)

The information processing device according to above (10), in which

in a case where the target data of the process is stored in a storagearea for encrypted data in the first storage unit, or in a case wherethe target data of the process is encrypted,

the protection storage unit does not store the data related to theprocess in the second storage unit.

(12)

The information processing device according to any one of above (6) to(11), in which

the protection storage unit calculates a hash value of the target dataof the process, and stores the target data of the process and the hashvalue in the second storage unit as the data related to the process.

(13)

The information processing device according to any one of above (1) to(12), in which

the protection storage unit performs the process along with short-rangewireless communication with an external device.

(14)

The information processing device according to any one of above (1) to(13), in which

the notification is performed at timing when the process has ended, attiming when the process has been started, or at timing when execution ofthe process is expected.

(15)

The information processing device according to any one of above (1) to(14), in which

the protection storage unit includes a secure element, and

the information processing device includes a device host.

(16)

An information processing method executed by a computer, the methodincluding:

on the basis of a notification from a protection storage unit, obtainingdata related to timing of a process by the protection storage unit; and

associating the data related to the timing of the process with datarelated to the process.

REFERENCE SIGNS LIST

-   100 Information processing device-   110 Device host-   111 Control unit-   112 Data obtaining unit-   113 Storage unit-   114 Input unit-   115 Output unit-   116 Communication unit-   120 Secure element-   121 Control unit-   122 First storage unit-   123 Second storage unit-   130 CLF-   200 Server-   300 Reader-writer

1. An information processing device comprising: a data obtaining unitthat, on a basis of a notification from a protection storage unit,obtains data related to timing of a process by the protection storageunit; and a control unit that associates the data related to the timingof the process with data related to the process.
 2. The informationprocessing device according to claim 1, wherein the data obtaining unitobtains the data related to the timing of the process from outside theprotection storage unit.
 3. The information processing device accordingto claim 2, wherein the data obtaining unit obtains data related to aposition of the protection storage unit at the timing of the process,data related to a surrounding situation of the position, data related toa user of the protection storage unit, or data related to operation ofthe protection storage unit or action of the user together from outsidethe protection storage unit.
 4. The information processing deviceaccording to claim 1, wherein the data obtaining unit obtains the datarelated to the process from the protection storage unit.
 5. Theinformation processing device according to claim 4, wherein theprotection storage unit includes a first storage unit that stores targetdata of the process, and a second storage unit that stores the datarelated to the process, and the data obtaining unit obtains the datarelated to the process from the second storage unit.
 6. The informationprocessing device according to claim 5, wherein the protection storageunit stores the target data of the process which is stored in the firststorage unit after the process, in the second storage unit as the datarelated to the process.
 7. The information processing device accordingto claim 6, wherein the protection storage unit controls storage of thedata related to the process in the second storage unit on a basis ofcontents of the process.
 8. The information processing device accordingto claim 7, wherein in a case where the contents of the process includeupdate of data, the protection storage unit stores the data related tothe process in the second storage unit.
 9. The information processingdevice according to claim 7, wherein in a case where the contents of theprocess include only reading of data, the protection storage unit doesnot store the data related to the process in the second storage unit.10. The information processing device according to claim 6, wherein theprotection storage unit controls storage of the data related to theprocess in the second storage unit on a basis of presence or absence ofa storage area in which the target data of the process is stored orencryption of the target data of the process.
 11. The informationprocessing device according to claim 10, wherein in a case where thetarget data of the process is stored in a storage area for encrypteddata in the first storage unit, or in a case where the target data ofthe process is encrypted, the protection storage unit does not store thedata related to the process in the second storage unit.
 12. Theinformation processing device according to claim 6, wherein theprotection storage unit calculates a hash value of the target data ofthe process, and stores the target data of the process and the hashvalue in the second storage unit as the data related to the process. 13.The information processing device according to claim 1, wherein theprotection storage unit performs the process along with short-rangewireless communication with an external device.
 14. The informationprocessing device according to claim 1, wherein the notification isperformed at timing when the process has ended, at timing when theprocess has been started, or at timing when execution of the process isexpected.
 15. The information processing device according to claim 1,wherein the protection storage unit includes a secure element, and theinformation processing device includes a device host.
 16. An informationprocessing method executed by a computer, the method comprising: on abasis of a notification from a protection storage unit, obtaining datarelated to timing of a process by the protection storage unit; andassociating the data related to the timing of the process with datarelated to the process.